Skip navigation
Menu
Compute Engines

I LOVE YOU fix.

The following fix was submitted by Mike Rhodes, [email protected]

Mike uses regdelete. You may also use reg, reg, or regedit.


 
      	  		     For WINNT and (hopefully) WIN98/95  
			       by Mike Rhodes  
			email: [email protected]
		this fix is not warranted or guaranteed in any way..
		Use the below changes for a Windows registery entries at
		your own risk! This was tested once under WINNT/REGEDIT only!
		    This just might repair win95/98 user registers too!
		Some users may need to run REGEDIT32 instead of REGEDIT.
		(WIN98 users replace the name WINNT with WIN98/WIN95)

What this does NOT fix... This does not repair all those nice PICTURE/SOUND files that
have been corrupted with the VIRUS!  In all likelyhood, you will need to DELETE
ALL files that have the suffix of "vbs". So, file name "PICTURE.vbs" or 
"Multi.Media.sound.mp3.vbs" is probably corrupted and needs to be deleted... Run an
Anti-Virus routine to clean these up. I used Norton AntiVirus and picked up 
the latest LIVEUPDATE from the internet. But, even Norton doesn't repair all the 
damage.  
(the possibles are: .vbs, .vbe, .js, .jse, .css, .wsh, .sct, .hta, .jpg, .jpeg, .wav, 
.txt, .gif, .doc, .htm, .html, .xls, .ini, .bat, .com, .mp3, and .mp2. )



To fix the WinNT Registery..

FIRST!
CLOSE/stop your web browser (if opened/started)


	These entries will need to be deleted/removed 

regdelete "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\MSKernel32",dirsystem&"\MSKernel32.vbs"

regdelete "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\WIN-BUGSFIX",downread&"\WIN-BUGSFIX.exe"

regdelete "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\Win32DLL",dirwin&"\Win32DLL.vbs"

	
			- here's how...


WinNT - Start/Run/REGEDIT  HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

Name:  MSKernel32 

Data: c:\WINNT\system32\MSKernel32.vbs

	action:	RIGHT CLICK on NAME "MSKernel32"

	action:	Select "DELETE"   (and confirm it)

STEP 2..  FOLDER

  HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices

	If this NAME is the only name in "RunServices" then:

	Name:  Win32DLL

	Data:  c:\WINNT\Win32DLDL.vbs
then, DELETE the FOLDER 
		action:  RIGHT CLICK on "RunServices" FOLDER and 
		         Select "DELETE"  (and confirm it)

	If it is NOT the only NAME in RunServices then: delete only:

 NAME: Win32DLL

		action: RIGHT CLICK on NAME "Win32DLL"

		action: Select "DELETE"  (and confirm it)

  
Step 3..   DELETE (delete if found - may not be found)


   HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

Name:  WIN-BUGSFIX 

Data: c:\WINNT\system32\WIN-BUGSFIX.exe

	action:	RIGHT CLICK on NAME "MSKernel32"

	action:	Select "DELETE"   (and confirm it)


			This entry needs to be modified

Step 1

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page

	action: RIGHT CLICK on NAME "Start Page"
	
	action: Modify
	
	change the Value Data to: http://www.microsoft.com
	(or some other friendly web site url)

	Click "OK"
	

Now CLOSE REGEDIT


+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
	This is the data that is BAD. These entries need to be changed 
	to a different "HOME PAGE". DO NOT USE THESE ENTRIES FOR 
	YOUR HOME PAGE. (this is what causes more problems every time 
	you open your web browser)

regdelete "HKCU\Software\Microsoft\Internet Explorer\Main\Start Page","http://www.skyinet.net/~young1s/HJKhjnwerhjkxcvytwertnMTFwetrdsfmhPnjw6587345gvsdf7679njbvYT/WIN-BUGSFIX.exe"



regdelete "HKCU\Software\Microsoft\Internet Explorer\Main\Start Page","http://www.skyinet.net/~angelcat/skladjflfdjghKJnwetryDGFikjUIyqwerWe546786324hjk4jnHHGbvbmKLJKjhkqj4w/WIN-BUGSFIX.exe"



regdelete "HKCU\Software\Microsoft\Internet Explorer\Main\Start Page","http://www.skyinet.net/~koichi/jf6TRjkcbGRpGqaq198vbFV5hfFEkbopBdQZnmPOhfgER67b3Vbvg/WIN-BUGSFIX.exe"



regdelete "HKCU\Software\Microsoft\Internet Explorer\Main\Start Page","http://www.skyinet.net/~chu/sdgfhjksdfjklNBmnfgkKLHjkqwtuHJBhAFSDGjkhYUgqwerasdjhPhjasfdglkNBhbqwebmznxcbvnmadshfgqw237461234iuy7thjg/WIN-BUGSFIX.exe"

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

as a precaution!.. we cleared out the temporary internet file & history,  
cleared documents from the taskbar menu, emptied all the trash
buckets, then re-booted, shutdown/restart style.  

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
You might also want to check out Woody "Cure for Love" fix at http://www.woodyswatch.com/special/.

Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
empty cockpit of autonomous car
What Is a Real-Time Operating System, and Who Needs One?
Mar 05, 2024
ERP button on keyboard
5 ERP Trends to Watch in 2024
Jan 17, 2024
automation key on keyboard
Storage Management as a Case Study for Network Automation Adoption
Dec 21, 2023
Abstract technology concept lighting effect on dark blue background
Top 10 Stories About Compute Engines, Linux in 2023
Dec 18, 2023